Is the promise of using your phone to make purchases finally here? Besides using the Starbucks app to get wired on coffee, has something fundamentally changed to allow people to legitimately leave their wallets at home for good? Well, if you feel like you’ve been hearing more about this lately, it’s because something is actually different.
A bit of background – For a while now, people in the payments world have talked about NFC as a way to pay for stuff using your phone. NFC stands for Near Field Communication, and it’s basically a way for your phone to talk to the register where you pay and for the register to talk back to your phone, as long as they’re close to each other. The common thinking for the last few years was that you needed to store the really sensitive stuff on a secure element (SE) on a physical part of the phone. If you want to get technical, the physical form of the SE can be a Universal Integrated Circuit Card (UICC), embedded SE or microSD.
The problem with secure elements on the phone – In order to get a payments app to use the secure element (SE) on the phone, you need to go through a process called NFC provisioning which requires card issuers to authorize and provide keys to access to the SE. On top of that, the SE is part of the phone, so you have to deal with the phone carriers as well. Verizon made a stink about Google Wallet in 2012, because they felt that the SE was on propitiatory hardware. Add to all of this nonsense on who has control and gets a piece of the action to the limited storage space on the SE, and you have something that is not primed for innovation and development of multiple apps using NFC to interact with the physical world.
The workaround – The way around all of this while still using the NFC chip in the phone as a communication device is something called Host Card Emulation (HCE). Rather than trying to store all of the secure stuff on some physical piece on the phone, we can now store the payment details or credentials in the application memory or most likely in the cloud. This is not something new. Since 2012, a company called SimplyTapp has been enabling people to use HCE to find a better way to think about storing secure data outside of the secure element.
What changed? – While Blackberry has had HCE for a bit, what really made an impact was the inclusion and support of HCE in Google’s latest version of Android (KitKat 4.4 which launched in October 2013). As more Android phones, especially the new Samsung and Nexus models, start running and supporting KitKat 4.4, there’s going to be a real market for developers and merchants to start putting together apps that take advantage of HCE.
What does this mean? – In addition to being able to pay credit card transactions with your phone, HCE is going to make it a lot easier for merchants to setup loyalty programs, allow customers to pay using their own cards (think Macy’s or Target) and gift cards. It will also open up the possibilities for governments to offer tap by phone for buses and trains, where it was cost prohibitive before.
If you thought something changed recently on your ability to tap and pay, you’re definitely right. It was a Google. But then we always come back to the other question which is whether we even want to take out our phone to make the payment. Another question for another day…